feat: one passing test

Author: cpb8010

packages/auth-server/components/account-recovery/guardian-flow/Step4ConfirmNow.vue

@@ -97,7 +97,7 @@ const { getWalletClient, defaultChain } = useClientStore();
 const { isSsoAccount: checkIsSsoAccount, isLoading, error: isSsoAccountError } = useIsSsoAccount();
 const { confirmGuardian, confirmGuardianInProgress } = useRecoveryGuardian();
 const { getConfigurableAccount, getConfigurableAccountInProgress } = useConfigurableAccount();
-const { address } = useAccountStore();
+const { address: currentSsoAddress } = useAccountStore();
 const accountData = useAppKitAccount();
 
 const confirmGuardianErrorMessage = ref<string | null>(null);
@@ -116,29 +116,52 @@ const handleCheck = async () => {
 
 const handleConfirmGuardian = async () => {
   try {
-    if (!address) {
+    if (!currentSsoAddress) {
       throw new Error("No account logged in");
     }
 
+    console.log(`[Step4ConfirmNow] Starting confirmation. Account to guard: ${currentSsoAddress}, Guardian address: ${props.guardianAddress}, Is SSO: ${isSsoAccount.value}`);
+
     let client: Parameters<typeof confirmGuardian>[0]["client"];
 
-    if (isSsoAccount.value) {
-      const configurableAccount = await getConfigurableAccount({ address: props.guardianAddress });
+    // Check if guardian is the currently connected SSO account
+    const isCurrentSsoGuardian = isSsoAccount.value
+      && currentSsoAddress
+      && props.guardianAddress.toLowerCase() === currentSsoAddress.toLowerCase();
+
+    if (isCurrentSsoGuardian) {
+      // Guardian is the current SSO account - use SSO client with paymaster
+      console.log("[Step4ConfirmNow] Getting configurable account for current SSO guardian");
+      const configurableAccount = await getConfigurableAccount({
+        address: props.guardianAddress,
+        usePaymaster: true,
+      });
       if (!configurableAccount) {
+        console.error(`[Step4ConfirmNow] No configurable account found for ${props.guardianAddress}`);
         throw new Error("No configurable account found");
       }
+      console.log("[Step4ConfirmNow] Using SSO client:", configurableAccount.account.address);
       client = configurableAccount;
     } else {
+      // Guardian is a different account - use WalletConnect
+      if (!accountData.value.isConnected) {
+        throw new Error("Please connect your wallet first");
+      }
+      console.log("[Step4ConfirmNow] Getting wallet client for guardian");
       client = await getWalletClient({ chainId: defaultChain.id });
+      console.log("[Step4ConfirmNow] Using wallet client:", client.account.address);
     }
 
+    console.log(`[Step4ConfirmNow] Calling confirmGuardian with client address: ${client.account.address}`);
     await confirmGuardian({
       client,
-      accountToGuard: address,
+      accountToGuard: currentSsoAddress,
     });
+    console.log("[Step4ConfirmNow] Guardian confirmed successfully");
     confirmGuardianErrorMessage.value = null;
     emit("next");
   } catch (err) {
+    console.error("[Step4ConfirmNow] Error confirming guardian:", err);
     confirmGuardianErrorMessage.value = "An error occurred while confirming the guardian. Please try again.";
     // eslint-disable-next-line no-console
     console.error(err);

packages/auth-server/composables/useConfigurableAccount.ts

@@ -4,10 +4,15 @@ import { WebAuthnValidatorAbi } from "zksync-sso-4337/abi";
 export const useConfigurableAccount = () => {
   const { getPublicClient, getConfigurableClient, defaultChain, contractsByChain } = useClientStore();
 
-  const { inProgress: getConfigurableAccountInProgress, error: getConfigurableAccountError, execute: getConfigurableAccount } = useAsync(async ({ address }: { address: Address }) => {
+  const { inProgress: getConfigurableAccountInProgress, error: getConfigurableAccountError, execute: getConfigurableAccount } = useAsync(async ({ address, usePaymaster = false }: { address: Address; usePaymaster?: boolean }) => {
     const publicClient = getPublicClient({ chainId: defaultChain.id });
     const webauthnValidatorAddress = contractsByChain[defaultChain.id].webauthnValidator;
 
+    // Get current block to calculate safe fromBlock (avoid RPC block range limits)
+    const currentBlock = await publicClient.getBlockNumber();
+    // Query last 100k blocks or from genesis, whichever is more recent
+    const fromBlock = currentBlock > 100000n ? currentBlock - 100000n : 0n;
+
     // FIXME: events should be scoped to the origin domain
     // As well, this doesn't seem to be a reliable way of retrieving a `credentialId`
     // but works for now.
@@ -19,7 +24,7 @@ export const useConfigurableAccount = () => {
         args: {
           keyOwner: address,
         },
-        fromBlock: "earliest",
+        fromBlock,
         strict: true,
       }),
       publicClient.getContractEvents({
@@ -29,7 +34,7 @@ export const useConfigurableAccount = () => {
         args: {
           keyOwner: address,
         },
-        fromBlock: "earliest",
+        fromBlock,
         strict: true,
       }),
     ]);
@@ -58,6 +63,7 @@ export const useConfigurableAccount = () => {
       chainId: defaultChain.id,
       address,
       credentialId: credentialIdHex,
+      usePaymaster,
     });
   });
 

packages/auth-server/composables/useIsSsoAccount.ts

@@ -8,7 +8,10 @@ export function useIsSsoAccount() {
     const publicClient = getPublicClient({ chainId: defaultChain.id });
 
     try {
-      return await publicClient.readContract({
+      console.log("[useIsSsoAccount] Checking if address is SSO account:", accountAddress);
+      console.log("[useIsSsoAccount] SSO Interface ID:", runtimeConfig.public.ssoAccountInterfaceId);
+
+      const result = await publicClient.readContract({
         address: accountAddress,
         abi: [{
           type: "function",
@@ -20,8 +23,33 @@ export function useIsSsoAccount() {
         functionName: "supportsInterface",
         args: [runtimeConfig.public.ssoAccountInterfaceId as Address],
       });
-      ;
-    } catch {
+
+      console.log("[useIsSsoAccount] supportsInterface result:", result);
+      return result;
+    } catch (err: unknown) {
+      console.error("[useIsSsoAccount] Error checking SSO account:", err);
+
+      // Handle NoFallbackHandler error (0x48c9ceda) - ModularSmartAccount doesn't implement supportsInterface yet
+      // WORKAROUND: In our dev environment, all accounts deployed via auth-server-api are ERC-4337 ModularSmartAccounts
+      // that throw this error. We treat these as SSO accounts.
+      // Check both the error message and the full error string representation
+      const errorString = err.toString?.() || String(err);
+      const errorMessage = err.message || "";
+
+      console.log("[useIsSsoAccount] DEBUG - Error details:");
+      console.log("  errorMessage includes 0x48c9ceda?", errorMessage.includes("0x48c9ceda"));
+      console.log("  errorString includes 0x48c9ceda?", errorString.includes("0x48c9ceda"));
+      console.log("  errorMessage:", errorMessage.substring(0, 200));
+      console.log("  errorString:", errorString.substring(0, 200));
+
+      if (errorMessage.includes("0x48c9ceda") || errorMessage.includes("NoFallbackHandler")
+        || errorString.includes("0x48c9ceda") || errorString.includes("NoFallbackHandler")) {
+        console.log("[useIsSsoAccount] ✅ MATCHED! Account has no fallback handler - this is a ModularSmartAccount (ERC-4337), treating as SSO");
+        return true;
+      }
+
+      // For other errors, assume not an SSO account
+      console.warn("[useIsSsoAccount] Unknown error checking supportsInterface, assuming not SSO");
       return false;
     }
   });

packages/auth-server/composables/useRecoveryGuardian.ts

@@ -93,6 +93,8 @@ export const useRecoveryGuardian = () => {
       if (!contracts.guardianExecutor) throw new Error("GuardianExecutor contract address not configured");
       const client = getPublicClient({ chainId: defaultChain.id });
 
+      console.log(`[getGuardians] Fetching guardians for account: ${guardedAccount}`);
+
       // Get list of guardian addresses
       const guardians = await client.readContract({
         address: contracts.guardianExecutor,
@@ -101,6 +103,8 @@ export const useRecoveryGuardian = () => {
         args: [guardedAccount],
       });
 
+      console.log(`[getGuardians] Found ${guardians.length} guardian(s):`, guardians);
+
       // For each guardian, get their status to determine if active
       const guardiansWithStatus = await Promise.all(
         guardians.map(async (addr) => {
@@ -110,13 +114,16 @@ export const useRecoveryGuardian = () => {
             functionName: "guardianStatusFor",
             args: [guardedAccount, addr],
           });
+          console.log(`[getGuardians] Guardian ${addr}: present=${isPresent}, active=${isActive}`);
           return { addr, isReady: isPresent && isActive };
         }),
       );
 
       getGuardiansData.value = guardiansWithStatus;
+      console.log("[getGuardians] Guardians with status:", guardiansWithStatus);
       return guardiansWithStatus;
     } catch (err) {
+      console.error("[getGuardians] Error fetching guardians:", err);
       getGuardiansError.value = err as Error;
       return [];
     } finally {
@@ -166,7 +173,62 @@ export const useRecoveryGuardian = () => {
   const { inProgress: proposeGuardianInProgress, error: proposeGuardianError, execute: proposeGuardian } = useAsync(async (address: Address) => {
     if (!contracts.guardianExecutor) throw new Error("GuardianExecutor contract address not configured");
 
-    const client = getClient({ chainId: defaultChain.id });
+    const client = getClient({ chainId: defaultChain.id, usePaymaster: true });
+    const accountAddress = client.account.address;
+
+    console.log(`[proposeGuardian] Account: ${accountAddress}, Proposing guardian: ${address}`);
+
+    // Check if GuardianExecutor module is installed
+    const publicClient = getPublicClient({ chainId: defaultChain.id });
+    const isModuleInstalled = await publicClient.readContract({
+      address: accountAddress,
+      abi: [{
+        type: "function",
+        name: "isModuleInstalled",
+        inputs: [
+          { name: "moduleTypeId", type: "uint256" },
+          { name: "module", type: "address" },
+          { name: "additionalContext", type: "bytes" },
+        ],
+        outputs: [{ type: "bool" }],
+        stateMutability: "view",
+      }],
+      functionName: "isModuleInstalled",
+      args: [1n, contracts.guardianExecutor, "0x"], // 1 = MODULE_TYPE_EXECUTOR
+    });
+
+    console.log(`[proposeGuardian] GuardianExecutor module installed: ${isModuleInstalled}`);
+
+    // Install module if not already installed
+    if (!isModuleInstalled) {
+      console.log("[proposeGuardian] Installing GuardianExecutor module...");
+      const installTx = await client.writeContract({
+        address: accountAddress,
+        abi: [{
+          type: "function",
+          name: "installModule",
+          inputs: [
+            { name: "moduleTypeId", type: "uint256" },
+            { name: "module", type: "address" },
+            { name: "initData", type: "bytes" },
+          ],
+          outputs: [],
+          stateMutability: "nonpayable",
+        }],
+        functionName: "installModule",
+        args: [1n, contracts.guardianExecutor, "0x"], // 1 = MODULE_TYPE_EXECUTOR, empty initData
+      });
+
+      console.log(`[proposeGuardian] Module installation transaction sent: ${installTx}`);
+      const installReceipt = await client.waitForTransactionReceipt({ hash: installTx });
+
+      if (installReceipt.status === "reverted") {
+        console.error("[proposeGuardian] Module installation reverted. Receipt:", installReceipt);
+        throw new Error(`Failed to install GuardianExecutor module for account ${accountAddress}`);
+      }
+
+      console.log("[proposeGuardian] GuardianExecutor module installed successfully");
+    }
 
     // Call proposeGuardian on the GuardianExecutor module through the smart account
     const tx = await client.writeContract({
@@ -176,8 +238,19 @@ export const useRecoveryGuardian = () => {
       args: [address],
     });
 
+    console.log(`[proposeGuardian] Transaction sent: ${tx}`);
+
     // Wait for transaction receipt
     const receipt = await client.waitForTransactionReceipt({ hash: tx });
+
+    console.log(`[proposeGuardian] Transaction confirmed. Status: ${receipt.status}`);
+
+    if (receipt.status === "reverted") {
+      console.error("[proposeGuardian] Transaction reverted. Receipt:", receipt);
+      throw new Error(`Failed to propose guardian ${address} for account ${accountAddress}`);
+    }
+
+    console.log(`[proposeGuardian] Guardian ${address} proposed successfully for account ${accountAddress}`);
     return receipt;
   });
 
@@ -188,7 +261,7 @@ export const useRecoveryGuardian = () => {
   const { inProgress: removeGuardianInProgress, error: removeGuardianError, execute: removeGuardian } = useAsync(async (address: Address) => {
     if (!contracts.guardianExecutor) throw new Error("GuardianExecutor contract address not configured");
 
-    const client = getClient({ chainId: defaultChain.id });
+    const client = getClient({ chainId: defaultChain.id, usePaymaster: true });
 
     const tx = await client.writeContract({
       address: contracts.guardianExecutor,
@@ -206,28 +279,63 @@ export const useRecoveryGuardian = () => {
 
   /**
    * Accept/confirm a guardian proposal for a given account
-   * This is called by the guardian (from their EOA) to accept the guardian role
+   * This is called by the guardian (from their EOA or smart account) to accept the guardian role
    */
   const { inProgress: confirmGuardianInProgress, error: confirmGuardianError, execute: confirmGuardian } = useAsync(async <transport extends Transport, chain extends Chain, account extends Account>({ client, accountToGuard }: { client: WalletClient<transport, chain, account>; accountToGuard: Address }) => {
     if (!contracts.guardianExecutor) throw new Error("GuardianExecutor contract address not configured");
 
-    // Call acceptGuardian directly from the guardian's wallet
-    const tx = await client.writeContract({
-      address: contracts.guardianExecutor,
-      abi: GuardianExecutorAbi,
-      functionName: "acceptGuardian",
-      args: [accountToGuard],
-      chain: null,
-    });
+    const guardianAddress = client.account.address;
+    console.log(`[confirmGuardian] Guardian address: ${guardianAddress}, Account to guard: ${accountToGuard}`);
+
+    // First, verify the guardian was actually proposed
+    console.log("[confirmGuardian] Checking if guardian was proposed...");
+    const guardians = await getGuardians(accountToGuard);
+    const guardianStatus = guardians.find((g) => g.addr.toLowerCase() === guardianAddress.toLowerCase());
 
-    const transactionReceipt = await waitForTransactionReceipt(client, { hash: tx, confirmations: 1 });
+    if (!guardianStatus) {
+      throw new Error(`Guardian ${guardianAddress} was never proposed for account ${accountToGuard}. The account owner must propose this guardian first before you can accept.`);
+    }
 
-    // Check if transaction was successful
-    if (transactionReceipt.status === "reverted") {
-      throw new Error("Transaction reverted: Guardian confirmation failed");
+    if (guardianStatus.isReady) {
+      console.log(`[confirmGuardian] Guardian ${guardianAddress} is already active for account ${accountToGuard}`);
+      return { alreadyActive: true };
     }
 
-    return { transactionReceipt };
+    console.log("[confirmGuardian] Guardian found in pending state, proceeding with acceptance...");
+
+    try {
+      // Call acceptGuardian from the guardian's wallet
+      const tx = await client.writeContract({
+        address: contracts.guardianExecutor,
+        abi: GuardianExecutorAbi,
+        functionName: "acceptGuardian",
+        args: [accountToGuard],
+        chain: null,
+      });
+
+      console.log(`[confirmGuardian] Transaction sent: ${tx}`);
+
+      const transactionReceipt = await waitForTransactionReceipt(client, { hash: tx, confirmations: 1 });
+
+      // Check if transaction was successful
+      if (transactionReceipt.status === "reverted") {
+        console.error("[confirmGuardian] Transaction reverted. Receipt:", transactionReceipt);
+        throw new Error(`Transaction reverted: Guardian confirmation failed. Guardian: ${guardianAddress}, Account: ${accountToGuard}. This usually means the guardian was not properly proposed or the GuardianExecutor module is not installed.`);
+      }
+
+      console.log("[confirmGuardian] Guardian confirmed successfully");
+      return { transactionReceipt };
+    } catch (error: unknown) {
+      console.error("[confirmGuardian] Error details:", error);
+      // Try to provide more specific error message
+      if ((error as Error).message?.includes("GuardianNotFound")) {
+        throw new Error(`Guardian ${guardianAddress} was not found in pending guardians for account ${accountToGuard}. Make sure the guardian was proposed first by the account owner.`);
+      }
+      if (error.message?.includes("NotInitialized")) {
+        throw new Error(`GuardianExecutor module is not initialized for account ${accountToGuard}. The account owner needs to install the GuardianExecutor module first.`);
+      }
+      throw error;
+    }
   });
 
   /**